*** empty log message ***

svn path=/trunk/boinc/; revision=11654

checkin_notes

@@ -13311,3 +13311,10 @@ Charlie 11 Dec 2006
 Rom    12 Dec 2006 (Forked from HEAD)
     - Branch boinc_core_release_5_8 created for the BOINC 5.8 client release.
 
+David  12 Dec 2006
+    - add updater program
+
+    configure.ac
+    lib/
+        Makefile.am
+        updater.C (new)

configure.ac

@@ -147,6 +147,7 @@ SAH_LINKS
 AC_SUBST([CLIENT_BIN_FILENAME],[boinc${EXEEXT}])
 AC_SUBST([CLIENT_CMD_BIN_FILENAME],[boinccmd${EXEEXT}])
 AC_SUBST([CLIENT_GUI_BIN_FILENAME],[boincmgr${EXEEXT}])
+AC_SUBST([UPDATER_BIN_FILENAME],[_updater${EXEEXT}])
 
 dnl If we're running under cygwin, check whether we want to use X11 or WIN32
 dnl GUI

doc/client_unix.php

@@ -24,10 +24,10 @@ list_item("<a href=client_msgs.php>cc_config.xml</a>",
     "turn log messages on/off by category,
     and other core client configuration options."
 );
-list_item("<a href=gui_rpc.php>remote_hosts.cfg</a>",
+list_item("<a href=gui_rpc_auth.php>remote_hosts.cfg</a>",
     "hosts from which remote GUI RPCs is allowed"
 );
-list_item("<a href=gui_rpc.php>gui_rpc_auth.cfg</a>",
+list_item("<a href=gui_rpc_auth.php>gui_rpc_auth.cfg</a>",
     "GUI RPC password"
 );
 list_item("<a href=client_startup.php>project_init.xml</a>",

doc/gui_rpc.php

@@ -44,8 +44,8 @@ Use the client version number to decide what subsequent RPCs to make
 
 <h2>Authorization</h2>
 <p>
-The RPC protocol allows the GUI program to authenticate itself
+GUI RPC authorization is described <a href=gui_rpc_auth.php>here</a>.
-using a password; this is described below.
+The RPC protocol allows the GUI program to authenticate itself using a password.
 Some of the RPC operations can be done without authentication;
 others can be done without authentication, but only by a GUI program
 running on the same machine.
@@ -325,48 +325,6 @@ They can then do repeated RPCs over this connection.
 Each reply message ends with the character '\\003.
 
 
-<h2>Access control for GUI RPC</h2>
-<p>
-Since GUI RPCs can control the BOINC client
-(e.g. attaching/detaching projects)
-it is important to protect your BOINC client from unauthorized control.
-There are two levels of protection:
-<ul>
-<li> You can associate a password with the client.
-If a password is used,
-GUI RPCs must be authenticated with this password.
-<li> You can restrict RPCs to a limited set of hosts.
-</ul>
-A GUI RPC is handled only if it passes both levels of protection.
-
-<h2>Password protection</h2>
-<p>
-If you place a password in a file <b>gui_rpc_auth.cfg</b>
-in your BOINC directory,
-GUI RPCs must be authenticated using the password.
-<p>
-If this file is not present, there is no password protection.
-
-<h2>Remote host restriction</h2>
-<p>
-By default the core client accepts GUI RPCs only from the same host.
-
-<p>
-You can allow remote hosts to control a core client in two ways:
-<ul>
-<li> If you run the client with the
--allow_remote_gui_rpc command line option,
-it will accept connections from any host.
-This is not recommended unless the host is behind a firewall
-that blocks the GUI RPC port (1043).
-<li>
-You can create
-a file remote_hosts.cfg in your BOINC directory containing 
-a list of allowed DNS host names or IP addresses (one per line).
-Those hosts will be able to connect.
-The remote_hosts.cfg file can have comment lines that start with either a # 
-or a ; character as well.
-</ul>
 ";
 
 page_tail();

doc/gui_rpc_auth.php

@@ -0,0 +1,74 @@
+<?php
+require_once("docutil.php");
+page_head("Authorizing remote control of BOINC");
+echo "
+<h2>Remote control of the BOINC client</h2>
+<p>
+The BOINC core client typically is controlled by
+the <a href=manager.php>BOINC Manager</a> running on the same machine:
+<br> <center>
+<img src=gui_auth.png>
+<br> </center>
+The two programs communicate over a local connection,
+using 'GUI RPC' (Graphical User Interface Remote Procedure Call).
+<p>
+It's also possible to use the BOINC Manager to control
+a core client on a different host:
+<br> <center>
+<img src=gui_auth2.png>
+<br> </center>
+And BOINCView (an add-on program developed by a third party) is
+able to control many BOINC clients at once:
+<br> <center>
+<img src=gui_auth3.png>
+<br> </center>
+
+<h2>Access control for GUI RPC</h2>
+<p>
+Since GUI RPCs can control the BOINC client
+(e.g. attaching/detaching projects)
+it is important to protect your BOINC client from unauthorized control.
+There are two levels of protection:
+<ul>
+<li> You can associate a password with the client.
+If a password is used,
+GUI RPCs must be authenticated with this password.
+<li> You can restrict RPCs to a limited set of hosts.
+</ul>
+A GUI RPC is handled only if it passes both levels of protection.
+<p>
+After a standard installation, BOINC is highly secure;
+it generates its own (long, random) password,
+and it doesn't allow access from other hosts.
+
+<h2>Password protection</h2>
+<p>
+If you place a password in a file <b>gui_rpc_auth.cfg</b>
+in your BOINC directory,
+GUI RPCs must be authenticated using the password.
+<p>
+If this file is not present, there is no password protection.
+
+<h2>Remote host restriction</h2>
+<p>
+By default the core client accepts GUI RPCs only from the same host.
+
+<p>
+You can allow remote hosts to control a core client in two ways:
+<ul>
+<li> If you run the client with the
+-allow_remote_gui_rpc command line option,
+it will accept connections from any host.
+This is not recommended unless the host is behind a firewall
+that blocks the GUI RPC port (1043).
+<li>
+You can create
+a file <b>remote_hosts.cfg</b> in your BOINC directory containing 
+a list of allowed DNS host names or IP addresses (one per line).
+Those hosts will be able to connect.
+The remote_hosts.cfg file can have comment lines that start with either a # 
+or a ; character as well.
+</ul>
+";
+page_tail();
+?>

doc/participate.php

@@ -47,6 +47,7 @@ or need help installing BOINC, you can
 <li> <a href=teams.php>Teams</a>
 <li> <a href=acct_mgrs.php>Account managers</a>
 <li> <a href=client_msgs.php>Core client configuration</a>
+<li> <a href=http://boinc.berkeley.edu/gui_rpc_auth.php>Authorizing remote control</a>
 </ul>
 <h3>Advanced users</h3>
 <ul>

lib/Makefile.am

@@ -7,13 +7,13 @@ include $(top_srcdir)/Makefile.incl
 nslprogs=boinc_cmd$(EXEEXT)
 #endif
 
-bin_PROGRAMS = crypt_prog$(EXEEXT) $(nslprogs)
+bin_PROGRAMS = crypt_prog$(EXEEXT) $(nslprogs) updater$(EXEEXT)
 
 EXTRA_PROGRAMS = md5_test$(EXEEXT) shmem_test$(EXEEXT) msg_test$(EXEEXT)
 
 all-local: client-bin
 
-client-bin: @CLIENT_CMD_BIN_FILENAME@
+client-bin: @CLIENT_CMD_BIN_FILENAME@ @UPDATER_BIN_FILENAME@
 
 boinc_cmd_SOURCES = \
     boinc_cmd.C \
@@ -21,6 +21,11 @@ boinc_cmd_SOURCES = \
 
 boinc_cmd_LDADD = $(lib_LIBRARIES) $(PTHREAD_LIBS)
 
+updater_SOURCES = \
+    updater.C
+
+updater_LDADD = $(lib_LIBRARIES)
+
 # make a hard link to the client name.
 @CLIENT_CMD_BIN_FILENAME@: boinc_cmd$(EXEEXT)
 	rm -f $@
@@ -29,6 +34,13 @@ boinc_cmd_LDADD = $(lib_LIBRARIES) $(PTHREAD_LIBS)
 	@LN@ $? $@
 	@STRIP@ $@
 
+@UPDATER_BIN_FILENAME@: updater$(EXEEXT)
+	rm -f $@
+	rm -f $@.unmodified
+	cp $? $@.unmodified
+	@LN@ $? $@
+	@STRIP@ $@
+
 lib_LIBRARIES = libboinc.a 
 EXTRA_DIST = *.h *.C
 

lib/updater.C

@@ -0,0 +1,66 @@
+// Berkeley Open Infrastructure for Network Computing
+// http://boinc.berkeley.edu
+// Copyright (C) 2006 University of California
+//
+// This is free software; you can redistribute it and/or
+// modify it under the terms of the GNU Lesser General Public
+// License as published by the Free Software Foundation;
+// either version 2.1 of the License, or (at your option) any later version.
+//
+// This software is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+// See the GNU Lesser General Public License for more details.
+//
+// To view the GNU Lesser General Public License visit
+// http://www.gnu.org/copyleft/lesser.html
+// or write to the Free Software Foundation, Inc.,
+// 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+
+// This program is run in a version directory.
+// The main BOINC directory is ../../..
+
+#include <stdio.h>
+
+#include "filesys.h"
+
+#define MAIN_DIR "../../.."
+
+int prepare_prev_dir() {
+    char prev_dir[256];
+    int retval;
+
+    sprintf(prev_dir, "%s/prev_version", MAIN_DIR);
+    if (is_dir(prev_dir)) {
+        retval = clean_out_dir(prev_dir);
+        if (retval) return retval;
+    } else {
+        retval = boinc_mkdir(prev_dir);
+        if (retval) return retval;
+    }
+    return 0;
+}
+
+int move_to_prev(char* file) {
+    char oldname[1024], newname[1024];
+    sprintf(oldname, "%s/%s", MAIN_DIR, file);
+    sprintf(newname, "%s/prev_version/%s", MAIN_DIR, file);
+    return boinc_rename(oldname, newname);
+}
+
+int move_to_main(char* file) {
+    char newname[1024];
+    sprintf(newname, "%s/%s", MAIN_DIR, file);
+    return boinc_rename(file, newname);
+}
+
+int main() {
+    int retval;
+
+    retval = prepare_prev_dir();
+    if (retval) exit(retval);
+    move_to_prev("boinc.exe");
+    move_to_prev("boincmgr.exe");
+    move_to_main("boinc.exe");
+    move_to_main("boincmgr.exe");
+}